Lucene search

[email protected]CVE-2017-9077

HistoryMay 19, 2017 - 2:29 p.m.

CVE-2017-9077

2017-05-1914:29:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

173

cve-2017-9077

linux kernel vulnerability

denial of service

nvd

cve-2017-8890

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

CPENameOperatorVersion
linux:linux_kernellinux linux kernellt3.2.89
linux:linux_kernellinux linux kernellt3.16.44
linux:linux_kernellinux linux kernellt3.18.84
linux:linux_kernellinux linux kernellt4.9.31
linux:linux_kernellinux linux kernellt4.11.4
linux:linux_kernellinux linux kernellt4.4.71

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	lt	3.2.89
linux:linux_kernel	linux linux kernel	lt	3.16.44
linux:linux_kernel	linux linux kernel	lt	3.18.84
linux:linux_kernel	linux linux kernel	lt	4.9.31
linux:linux_kernel	linux linux kernel	lt	4.11.4
linux:linux_kernel	linux linux kernel	lt	4.4.71